Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openanolis
dragonwell8_jdk
提交
c7b72ac3
D
dragonwell8_jdk
项目概览
openanolis
/
dragonwell8_jdk
通知
4
Star
2
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
D
dragonwell8_jdk
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
提交
c7b72ac3
编写于
11月 09, 2011
作者:
W
weijun
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
7109096: keytool -genkeypair needn't call -selfcert
Reviewed-by: xuelei
上级
297c3ebc
变更
2
显示空白变更内容
内联
并排
Showing
2 changed file
with
36 addition
and
17 deletion
+36
-17
src/share/classes/sun/security/tools/CertAndKeyGen.java
src/share/classes/sun/security/tools/CertAndKeyGen.java
+28
-13
src/share/classes/sun/security/tools/KeyTool.java
src/share/classes/sun/security/tools/KeyTool.java
+8
-4
未找到文件。
src/share/classes/sun/security/tools/CertAndKeyGen.java
浏览文件 @
c7b72ac3
...
@@ -33,18 +33,7 @@ import java.security.*;
...
@@ -33,18 +33,7 @@ import java.security.*;
import
java.util.Date
;
import
java.util.Date
;
import
sun.security.pkcs10.PKCS10
;
import
sun.security.pkcs10.PKCS10
;
import
sun.security.x509.AlgorithmId
;
import
sun.security.x509.*
;
import
sun.security.x509.CertificateAlgorithmId
;
import
sun.security.x509.CertificateIssuerName
;
import
sun.security.x509.CertificateSerialNumber
;
import
sun.security.x509.CertificateSubjectName
;
import
sun.security.x509.CertificateValidity
;
import
sun.security.x509.CertificateVersion
;
import
sun.security.x509.CertificateX509Key
;
import
sun.security.x509.X500Name
;
import
sun.security.x509.X509CertImpl
;
import
sun.security.x509.X509CertInfo
;
import
sun.security.x509.X509Key
;
/**
/**
...
@@ -165,6 +154,13 @@ public final class CertAndKeyGen {
...
@@ -165,6 +154,13 @@ public final class CertAndKeyGen {
publicKey
=
pair
.
getPublic
();
publicKey
=
pair
.
getPublic
();
privateKey
=
pair
.
getPrivate
();
privateKey
=
pair
.
getPrivate
();
// publicKey's format must be X.509 otherwise
// the whole CertGen part of this class is broken.
if
(!
"X.509"
.
equalsIgnoreCase
(
publicKey
.
getFormat
()))
{
throw
new
IllegalArgumentException
(
"publicKey's is not X.509, but "
+
publicKey
.
getFormat
());
}
}
}
...
@@ -186,6 +182,16 @@ public final class CertAndKeyGen {
...
@@ -186,6 +182,16 @@ public final class CertAndKeyGen {
return
(
X509Key
)
publicKey
;
return
(
X509Key
)
publicKey
;
}
}
/**
* Always returns the public key of the generated key pair. Used
* by KeyTool only.
*
* The publicKey is not necessarily to be an instance of
* X509Key in some JCA/JCE providers, for example SunPKCS11.
*/
public
PublicKey
getPublicKeyAnyway
()
{
return
publicKey
;
}
/**
/**
* Returns the private key of the generated key pair.
* Returns the private key of the generated key pair.
...
@@ -200,7 +206,6 @@ public final class CertAndKeyGen {
...
@@ -200,7 +206,6 @@ public final class CertAndKeyGen {
return
privateKey
;
return
privateKey
;
}
}
/**
/**
* Returns a self-signed X.509v3 certificate for the public key.
* Returns a self-signed X.509v3 certificate for the public key.
* The certificate is immediately valid. No extensions.
* The certificate is immediately valid. No extensions.
...
@@ -224,6 +229,15 @@ public final class CertAndKeyGen {
...
@@ -224,6 +229,15 @@ public final class CertAndKeyGen {
X500Name
myname
,
Date
firstDate
,
long
validity
)
X500Name
myname
,
Date
firstDate
,
long
validity
)
throws
CertificateException
,
InvalidKeyException
,
SignatureException
,
throws
CertificateException
,
InvalidKeyException
,
SignatureException
,
NoSuchAlgorithmException
,
NoSuchProviderException
NoSuchAlgorithmException
,
NoSuchProviderException
{
return
getSelfCertificate
(
myname
,
firstDate
,
validity
,
null
);
}
// Like above, plus a CertificateExtensions argument, which can be null.
public
X509Certificate
getSelfCertificate
(
X500Name
myname
,
Date
firstDate
,
long
validity
,
CertificateExtensions
ext
)
throws
CertificateException
,
InvalidKeyException
,
SignatureException
,
NoSuchAlgorithmException
,
NoSuchProviderException
{
{
X509CertImpl
cert
;
X509CertImpl
cert
;
Date
lastDate
;
Date
lastDate
;
...
@@ -248,6 +262,7 @@ public final class CertAndKeyGen {
...
@@ -248,6 +262,7 @@ public final class CertAndKeyGen {
info
.
set
(
X509CertInfo
.
KEY
,
new
CertificateX509Key
(
publicKey
));
info
.
set
(
X509CertInfo
.
KEY
,
new
CertificateX509Key
(
publicKey
));
info
.
set
(
X509CertInfo
.
VALIDITY
,
interval
);
info
.
set
(
X509CertInfo
.
VALIDITY
,
interval
);
info
.
set
(
X509CertInfo
.
ISSUER
,
new
CertificateIssuerName
(
myname
));
info
.
set
(
X509CertInfo
.
ISSUER
,
new
CertificateIssuerName
(
myname
));
if
(
ext
!=
null
)
info
.
set
(
X509CertInfo
.
EXTENSIONS
,
ext
);
cert
=
new
X509CertImpl
(
info
);
cert
=
new
X509CertImpl
(
info
);
cert
.
sign
(
privateKey
,
this
.
sigAlg
);
cert
.
sign
(
privateKey
,
this
.
sigAlg
);
...
...
src/share/classes/sun/security/tools/KeyTool.java
浏览文件 @
c7b72ac3
...
@@ -1518,9 +1518,16 @@ public final class KeyTool {
...
@@ -1518,9 +1518,16 @@ public final class KeyTool {
keypair
.
generate
(
keysize
);
keypair
.
generate
(
keysize
);
PrivateKey
privKey
=
keypair
.
getPrivateKey
();
PrivateKey
privKey
=
keypair
.
getPrivateKey
();
CertificateExtensions
ext
=
createV3Extensions
(
null
,
null
,
v3ext
,
keypair
.
getPublicKeyAnyway
(),
null
);
X509Certificate
[]
chain
=
new
X509Certificate
[
1
];
X509Certificate
[]
chain
=
new
X509Certificate
[
1
];
chain
[
0
]
=
keypair
.
getSelfCertificate
(
chain
[
0
]
=
keypair
.
getSelfCertificate
(
x500Name
,
getStartDate
(
startDate
),
validity
*
24L
*
60L
*
60L
);
x500Name
,
getStartDate
(
startDate
),
validity
*
24L
*
60L
*
60L
,
ext
);
if
(
verbose
)
{
if
(
verbose
)
{
MessageFormat
form
=
new
MessageFormat
(
rb
.
getString
MessageFormat
form
=
new
MessageFormat
(
rb
.
getString
...
@@ -1537,9 +1544,6 @@ public final class KeyTool {
...
@@ -1537,9 +1544,6 @@ public final class KeyTool {
keyPass
=
promptForKeyPass
(
alias
,
null
,
storePass
);
keyPass
=
promptForKeyPass
(
alias
,
null
,
storePass
);
}
}
keyStore
.
setKeyEntry
(
alias
,
privKey
,
keyPass
,
chain
);
keyStore
.
setKeyEntry
(
alias
,
privKey
,
keyPass
,
chain
);
// resign so that -ext are applied.
doSelfCert
(
alias
,
null
,
sigAlgName
);
}
}
/**
/**
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录